Add tests for os_user_role in multidomain context

This adds test for assignment of keystone roles to a group/user in a multidomain context. Related: https://review.opendev.org/#/c/703930/ Change-Id: I6422f823e8fb8a0757941e8bd692d3d8c0abbf88
2020-02-03 18:59:19 +01:00 · 2020-02-03 18:59:19 +01:00 · 7f800b4a9c
commit 7f800b4a9c
parent 1a597c2b03
3 changed files with 101 additions and 0 deletions
--- a/ci/roles/user_role/defaults/main.yaml
+++ b/ci/roles/user_role/defaults/main.yaml
@ -0,0 +1,4 @@
+domain_name: ansible_domain
+user_name: ansible_user
+group_name: ansible_group
+keystone_role_name: anotherrole
--- a/ci/roles/user_role/tasks/main.yaml
+++ b/ci/roles/user_role/tasks/main.yaml
@ -0,0 +1,96 @@
+- name: Create domain
+  openstack.cloud.os_keystone_domain:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ domain_name }}"
+  register: domain
+
+- name: Create group in default domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ group_name }}"
+     domain_id: default
+
+- name: Create group in specific domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ group_name }}"
+     domain_id: "{{ domain.id }}"
+
+- name: Create user in default domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ user_name }}"
+     domain: default
+
+- name: Create user in specific domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ user_name }}"
+     domain: "{{ domain.id }}"
+
+- name: Assign role to group in default domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    group: "{{ group_name }}"
+    domain: default
+
+- name: Assign role to group in specific domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    group: "{{ group_name }}"
+    domain: "{{ domain.id }}"
+
+- name: Assign role to user in default domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    user: "{{ user_name }}"
+    domain: default
+
+- name: Assign role to user in specific domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    user: "{{ user_name }}"
+    domain: "{{ domain.id }}"
+
+- name: Delete group in default domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ group_name }}"
+     domain_id: default
+
+- name: Delete group in specific domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ group_name }}"
+     domain_id: "{{ domain.id }}"
+
+- name: Delete user in default domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ user_name }}"
+     domain: default
+
+- name: Delete user in specific domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ user_name }}"
+     domain: "{{ domain.id }}"
+
+- name: Delete domain
+  openstack.cloud.os_keystone_domain:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ domain_name }}"
--- a/ci/run-collection.yml
+++ b/ci/run-collection.yml
@ -23,4 +23,5 @@
    - { role: subnet, tags: subnet }
    - { role: user, tags: user }
    - { role: user_group, tags: user_group }
+    - { role: user_role, tags: user_role }
    - { role: volume, tags: volume }